From 6a63178833ff06daaa37f1b73f378039b6d8ded3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jacobo=20Aragunde=20P=C3=A9rez?=
Date: Fri, 18 Dec 2009 15:04:58 +0100
Subject: [PATCH] ItEr39S10CUAltaUsuario: prevent the login service to show a HTTP 403 error when a user without roles logs in. Now the message 'incorrect login' is shown instead.
---
 .../web/users/services/DBUserDetailsService.java | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/navalplanner-webapp/src/main/java/org/navalplanner/web/users/services/DBUserDetailsService.java b/navalplanner-webapp/src/main/java/org/navalplanner/web/users/services/DBUserDetailsService.java
index ef4f23f2e..aa5bb11e7 100644
--- a/navalplanner-webapp/src/main/java/org/navalplanner/web/users/services/DBUserDetailsService.java
+++ b/navalplanner-webapp/src/main/java/org/navalplanner/web/users/services/DBUserDetailsService.java
@@ -73,6 +73,12 @@ public class DBUserDetailsService implements UserDetailsService {
 allRoles.addAll(eachProfile.getRoles());
 }
+ if(allRoles.isEmpty()) {
+ //that user doesn't have any roles, so we forbid his login
+ throw new UsernameNotFoundException(_("User with login name "
+ + "'{0}': access forbidden", loginName));
+ }
+
 return new org.springframework.security.userdetails.User(
 user.getLoginName(),
 user.getPassword(),
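Review bot: The new `allRoles.isEmpty()` branch rejects the login inside the user-details lookup, which the authentication provider normally calls before it compares the password, so a role-less account is refused whatever password is supplied and the generic 'incorrect login' outcome depends on the provider hiding `UsernameNotFoundException` (`hideUserNotFoundExceptions`, on by default). If that setting is ever turned off, the distinct text "access forbidden" with the login name would tell a caller that the account exists but has no roles. I would record that dependency in the comment, e.g. `// no roles: reject as an unknown login; relies on the provider hiding UsernameNotFoundException so these accounts cannot be told apart`, and reuse the wording of the not-found case if there is one elsewhere in the method (its body starts and ends outside this hunk). A server-side log entry for this branch would also help operators notice accounts left without roles; minor style: `if (` with a space, and "their login" in the comment.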